Compliance is confusing.
Learn how to meet your challenging security and compliance goals with our video library.
Our videos are designed to educate, inspire, and empower organizations to greater levels of assurance with expert advice, training, and guidance to elevate your security and compliance efforts.
Our security and compliance training videos cover auditing basics; PCI DSS , HIPAA , HITRUST , SOC 1 , and SOC 2 compliance; general information security topics; cloud security; risk assessment; vendor compliance; and more.
Audit Expectations Videos
Starting an audit is overwhelming. Are you wondering what you can expect as you enter into the audit process?
When you start an audit, questions about terminology, processes, and auditing norms are bound to arise. These videos explain the basics of auditing so that you can rest assured that you know what’s ahead of you in your compliance journey.
Auditing Basics Videos
Undergoing any kind of audit can be daunting, especially if you’ve never done it before. If you’re new to compliance audits, there’s critical pieces of information that you need to know before your engagement starts. In the following videos, we walk through auditing basics, including high-level overviews of SOC 1 and SOC 2 audits, what to expect during the audit process, how to use your audit reports, and more.
Learn how you can protect your organization against the ever-changing threat landscape through our audit basics series.
SOC 1 Videos
Staying ahead in your industry comes down to one important question: Can your clients trust you? SOC 1 audit reports can help organizations gain a competitive advantage and client trust by maturing business practices and receiving third-party validation. This video series answers the questions of what a SOC 1 report is, why you need one, and what the SOC 1 audit process involves.
SOC 2 Videos
How can you prove you’re not an at-risk vendor? How can you give your clients the assurance they need that you’re protecting their critical assets? SOC 2 audits help to address third-party risk concerns by evaluating internal controls, policies, and procedures that directly relate to the security of a system at a service organization.
Our video series on SOC 2 reports covers everything from determining who should have a SOC 2 audit performed, selecting appropriate Trust Services Principles, and understanding the SOC 2 audit process itself.
PCI DSS Videos
If you are a merchant, service provider, or sub-service provider who stores, processes, or transmits cardholder data, you know what a challenge it can be to undergo your annual PCI compliance audit. Don’t let the thought of this 394 control framework slow you down.
Our exclusive PCI video series walks you through each of the 12 PCI DSS Requirements, their sub-requirements, and examples of how to meet each of the requirements.
PCI Requirement 12.11.1 – Additional Requirement for Service Providers Only: Maintain Documentation of Quarterly Review Process
PCI Requirement 12.11 – Additional Requirement for Service Providers Only: Perform Reviews at Least Quarterly to Confirm Personnel Are Following Security Policies and Operational Procedures
PCI Requirement 12.10.6 – Develop a Process to Modify and Evolve the Incident Response Plan According to Lessons Learned and to Incorporate Industry Developments
PCI Requirement 12.10.5 – Include Alerts from Security Monitoring Systems, Including but Not Limited to Intrusion-Detection, Intrusion-Prevention, Firewalls, and File-Integrity Monitoring Systems
PCI Requirement 12.10.4 – Provide Appropriate Training to Staff with Security Breach Responsibilities
Have you been asked by a top client to become HITRUST certified? Are you looking for a better way to demonstrate compliance with HIPAA laws? What exactly is HITRUST and how does it apply to your organization? KirkpatrickPrice is a HITRUST CSF Assessor, prepared to help Business Associates understand who HITRUST is, what the CSF is, and how you can apply HITRUST certification to your organization. Check out our HITRUST video series hosted by HITRUST CSF Practitioner, Jessie Skibbe.
Episode 6 – Understanding HITRUST – Top 5 HITRUST FAQs
Episode 5 – 5 Things You Need to Get Started with HITRUST Compliance
Episode 4 – How are HITRUST Controls Scored? The HITRUST CSF Maturity Model
Episode 3 – HITRUST CSF Assessment & Report Options
Episode 2 – How to Navigate HITRUST CSF Controls
Demonstrating compliance with the HIPAA Privacy and Security Rules can be an overwhelming challenge for business associates and covered entities. Let KirkpatrickPrice be your guide down the road to HIPAA compliance with this video series. Presented by HIPAA Compliance Specialists, this series aims to answer all your questions on how you can prepare for a potential HIPAA audit from the OCR.
If your organization processes personal information coming from the European Union, you should begin learning about the General Data Protection Regulation (GDPR). This law gives data subjects more rights over their personal data and establishes security and privacy obligations for any organization around the world that is processing the data of an EU data subject, making the applicability of the law follow data rather than following a data subject or physical location.
In these videos, learn from KirkpatrickPrice privacy experts about the basic principles of GDPR and how to best start your GDPR compliance journey.
Law of Data Security and Investigations
In these videos, KirkpatrickPrice partnered with attorney Benjamin Wright to create a series on information security and digital investigation topics. Cyber insurance, NDAs, employee awareness, consumer risk, incident response – we cover a variety of topics in this series! Security, legal, and investigative professionals can expect to learn how to manage the risks and the expectations that apply in law and ethics around information security and digital investigations.
What Is an Incident Response Plan? The Collection and Evaluation of Evidence
Understanding Gramm Leach Bliley (GLBA) Compliance and Personally Identifiable Information
Advice for Making Legal Agreements via Electronic Communication
Non-Disclosure Agreement Risks – When and How to Sign a Non-Disclosure Agreement
Monitoring Employee Records and Communications Best Practices
Want more privacy, security, and compliance training? No matter what industry you’re in, this video series is packed full of information security and compliance guidance to help strengthen your security posture. Check out these videos for a variety of information security and technology topics.